This article analyses the requirements of the ISO 45001 standard on risk and opportunity approach, in conjunction with the requirements of the BS 45002 series of standards and underlining both important issues to be addressed and possible related measures. Finally, there are some considerations regarding the way in which risk-based thinking should be audited.